Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17e30daf-f11a-4af6-8f47-661a735a22e9.roa
File: 17e30daf-f11a-4af6-8f47-661a735a22e9.roa (raw, json)
Hash identifier: qsBC7+nqvCxXBW2rdmVZhJ9qGeCdQAsqjTOAuBMd2i0=
Subject key identifier: AE:4E:80:84:46:F1:A0:5F:61:D2:F7:53:39:E2:67:09:8B:8D:16:0F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2D202AB4180125E815653EFA16139B66D7058AE1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17e30daf-f11a-4af6-8f47-661a735a22e9.roa
Signing time: Mon 01 Sep 2025 20:30:23 +0000
ROA not before: Mon 01 Sep 2025 20:30:23 +0000
ROA not after: Mon 06 Oct 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d058:5000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 10:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:20:2a:b4:18:01:25:e8:15:65:3e:fa:16:13:9b:66:d7:05:8a:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Sep 1 20:30:23 2025 GMT
Not After : Oct 6 23:59:59 2025 GMT
Subject: serialNumber=2c3718c2c00e9dd1523b863f22edf318907a4eb92db498aa2b09a781848062bd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:0e:13:e6:76:3f:fd:73:93:f8:d8:a7:7c:de:
cc:7c:5a:a7:52:a4:6c:f3:e5:be:c2:fe:f4:f6:98:
ab:40:c4:00:ac:1f:85:dc:14:17:7d:3c:9b:9f:d8:
45:cf:58:10:20:8a:04:83:81:b3:96:e1:33:21:04:
bb:eb:95:be:26:00:91:81:36:4f:aa:52:6b:8f:1e:
52:14:54:46:45:87:fa:3e:80:3b:fd:9e:b5:be:74:
53:fc:14:c4:ec:4c:e0:53:29:6e:2d:d0:09:84:1d:
0e:05:ce:52:7e:c7:40:df:af:2a:0b:9c:95:c2:90:
ce:ba:67:34:dd:98:aa:aa:7d:67:99:9e:64:48:20:
e7:4f:09:9e:d7:c4:55:80:cb:5b:bd:aa:27:b4:7d:
10:84:c9:32:82:75:12:65:d7:03:10:9f:cf:54:c1:
be:4a:bf:0c:40:ab:b1:d9:51:74:d9:8a:3b:10:3f:
49:6d:ac:5e:b7:9d:11:d5:48:0f:29:1d:ba:a8:82:
39:22:5e:86:fa:0f:49:ef:cb:32:50:a4:26:7d:a8:
4e:00:9a:92:37:a2:47:a2:79:2f:86:35:db:78:0a:
58:64:75:4f:16:cc:07:47:cd:d1:d3:f2:df:24:c3:
61:30:b3:39:3f:25:e8:01:d8:b6:ef:5e:58:04:e3:
71:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:4E:80:84:46:F1:A0:5F:61:D2:F7:53:39:E2:67:09:8B:8D:16:0F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/17e30daf-f11a-4af6-8f47-661a735a22e9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d058:5000::/40
Signature Algorithm: sha256WithRSAEncryption
87:ad:a5:d5:28:48:a3:57:15:12:a3:c4:4b:30:d3:6b:92:ca:
31:96:1f:99:f0:cb:a0:23:e3:f6:86:82:89:c5:74:74:55:ac:
22:05:a3:e9:48:21:1c:bb:13:3b:a0:4a:cf:a5:53:d2:0f:50:
3e:c5:87:53:e1:1b:c6:8e:7e:d8:a8:55:d0:be:27:34:ca:25:
f3:d7:04:ff:5d:a7:f5:8e:fd:2f:b8:57:6d:5d:54:ba:20:bf:
7b:8f:78:a1:61:c2:4a:47:17:c5:89:b0:31:97:a7:42:e6:8a:
39:06:1b:bf:d2:99:d5:47:6e:90:43:97:a6:34:d0:07:b7:28:
4d:9e:bd:86:d0:47:a5:b5:3b:8c:01:b7:31:bb:39:25:67:20:
46:8f:10:8d:27:a1:0f:92:8f:53:d1:8b:26:f0:a9:4d:f8:3e:
9c:66:a2:be:31:cf:3c:63:eb:6a:26:d6:ea:64:3e:47:5d:5b:
23:6a:ed:80:ea:e6:c0:a3:aa:f5:8e:8b:96:77:49:ed:12:e2:
52:15:98:30:6e:34:d4:45:c7:83:02:53:ff:42:59:ae:51:2f:
8d:f1:da:18:4a:f4:01:79:d0:ea:1a:e8:3e:b3:3a:f2:38:e4:
a4:c4:dd:1a:7b:50:3c:c3:4b:7a:7d:65:c9:8d:98:26:9f:af:
bc:5b:83:f3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULSAqtBgBJegVZT76FhObZtcFiuEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA5MDEyMDMwMjNaFw0yNTEwMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQDJjMzcxOGMyYzAwZTlkZDE1MjNiODYzZjIyZWRmMzE4OTA3YTRlYjkyZGI0
OThhYTJiMDlhNzgxODQ4MDYyYmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOAOE+Z2P/1zk/jYp3zezHxap1KkbPPlvsL+9PaYq0DEAKwfhdwUF308m5/Y
Rc9YECCKBIOBs5bhMyEEu+uVviYAkYE2T6pSa48eUhRURkWH+j6AO/2etb50U/wU
xOxM4FMpbi3QCYQdDgXOUn7HQN+vKguclcKQzrpnNN2Yqqp9Z5meZEgg508JntfE
VYDLW72qJ7R9EITJMoJ1EmXXAxCfz1TBvkq/DECrsdlRdNmKOxA/SW2sXredEdVI
DykduqiCOSJehvoPSe/LMlCkJn2oTgCakjeiR6J5L4Y123gKWGR1TxbMB0fN0dPy
3yTDYTCzOT8l6AHYtu9eWATjcXUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSuToCE
RvGgX2HS91M54mcJi40WDzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTdlMzBkYWYtZjExYS00YWY2LThmNDctNjYxYTczNWEyMmU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FhQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCHraXVKEijVxUSo8RLMNNrksoxlh+Z8MugI+P2
hoKJxXR0VawiBaPpSCEcuxM7oErPpVPSD1A+xYdT4RvGjn7YqFXQvic0yiXz1wT/
Xaf1jv0vuFdtXVS6IL97j3ihYcJKRxfFibAxl6dC5oo5Bhu/0pnVR26QQ5emNNAH
tyhNnr2G0EeltTuMAbcxuzklZyBGjxCNJ6EPko9T0Ysm8KlN+D6cZqK+Mc88Y+tq
JtbqZD5HXVsjau2A6ubAo6r1jouWd0ntEuJSFZgwbjTURceDAlP/QlmuUS+N8doY
SvQBedDqGug+szryOOSkxN0ae1A8w0t6fWXJjZgmn6+8W4Pz
-----END CERTIFICATE-----
Generated at Mon Sep 8 12:06:04 2025 by rpki-client